Links are so fundamental to web development that they're almost invisible. When we link to a third-party page, we hardly ever consider how it could become an opportunity to exploit our users. In this article, Julien Cretel introduces us to three techniques that bad actors can use to target our users and discusses how to avoid them.

It’s been shown that if you follow a proven collection of practices for developing, designing, testing, implementing, and maintaining your software, you will produce a much higher quality product. Over the past few years, we have seen an increasing number of cases of attacks on the application layer. The Open Web Application Security Project, OWASP, estimates that around one-third of web applications contain security vulnerabilities.

Employees today are more mobile than ever. As we saw, due to COVID-19 the majority of organizations moved their employees to a work from home model overnight. This quick change of location forced businesses to implement solutions that would provide their workforces secure remote access to an increasingly complex corporate network.

In Part 1 and Part 2 of this blog post series, Snowflake Service Account Security, discussed service accounts threats and how to mitigate those threats with Snowflake features. Part 3 demonstrates how to manage credential rotation with a sample Hashicorp Vault plugin. You can use many platforms to achieve similar results. The important thing is to understand the patterns used to apply these controls to protect your service accounts.

As more and more data is exposed via APIs either as API-first companies or for the explosion of single page apps/JAMStack, API security can no longer be an afterthought. The hard part about APIs is that it provides direct access to large amounts of data while bypassing browser precautions. Instead of worrying about SQL injection and XSS issues, you should be concerned about the bad actor who was able to paginate through all your customer records and their data.

Wire encryption protects data in motion, and Transport Layer Security (TLS) is the most widely used security protocol for wire encryption. TLS provides authentication, privacy and data integrity between applications communicating over a network by encrypting the packets transmitted between endpoints. Users interact with Hadoop clusters via browser or command line tools, while applications use REST APIs or Thrift.

Today, we’re excited to announce Data On-Prem for development teams that operate in data-sensitive environments. This new feature truly lets you have the best of both worlds, by enabling large enterprises to leverage Rookout as a SaaS offering, while also meeting the rigorous governance and control requirements that these companies often face.